Think about it – About two-thirds of organizations suffer breaches of security controls. That’s a lot!  And should get any businesses attention.

“The reason is a lot of people throw technology at the problem, but not do the research to figure out who’s behind these attacks, and what are techniques, tactics and procedures of hackers. If you know how they attack you, you can put together a defence strategy that really avoids falling victim to these attacks.” – Torsten George – Centrify

Instead of focusing all your IT budget on firewalls or data encryption invest money in security awareness training.  The front line is the first line of defense for your company.

Too often, many companies have a staff meeting once a year, explain how phishing works, tell them to watch for lures and then say“good luck.”

Employees need to see for themselves what an attack looks like. Regular phishing tests — with consequences for those who regularly fail need to be done. Teaching (awareness) is crucial but you have constantly test if they are applying what they learn.